From e6286fbace138f501ebf2a4a28d3ded3fcc0643a Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Thu, 28 Oct 2021 09:53:27 +0200
Subject: [PATCH 1/2] volumes: do not pass mount opt as formatter string

otherwise passing a formatter string as an option causes a weird error message:
$ podman run --mount type=devpts,destination=/dev/pts,%sfoo ...
Error: %!s(MISSING)foo: invalid mount option
Signed-off-by: Giuseppe Scrivano
---
 pkg/specgenutil/volumes.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go
index 3ce96164fd..1f07534323 100644
--- a/pkg/specgenutil/volumes.go
+++ b/pkg/specgenutil/volumes.go
@@ -360,7 +360,7 @@ func getBindMount(args []string) (spec.Mount, error) {
 // Since Docker ignores this option so shall we.
 continue
 default:
- return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
+ return newMount, errors.Wrapf(util.ErrBadMntOption, "%s", kv[0])
 }
 }
@@ -460,7 +460,7 @@ func getTmpfsMount(args []string) (spec.Mount, error) {
 // Since Docker ignores this option so shall we.
 continue
 default:
- return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
+ return newMount, errors.Wrapf(util.ErrBadMntOption, "%s", kv[0])
 }
 }
@@ -493,7 +493,7 @@ func getDevptsMount(args []string) (spec.Mount, error) {
 newMount.Destination = filepath.Clean(kv[1])
 setDest = true
 default:
- return newMount, errors.Wrapf(util.ErrBadMntOption, kv[0])
+ return newMount, errors.Wrapf(util.ErrBadMntOption, "%s", kv[0])
 }
 }
@@ -573,7 +573,7 @@ func getNamedVolume(args []string) (*specgen.NamedVolume, error) {
 // Since Docker ignores this option so shall we.
 continue
 default:
- return nil, errors.Wrapf(util.ErrBadMntOption, kv[0])
+ return nil, errors.Wrapf(util.ErrBadMntOption, "%s", kv[0])
 }
 }
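Review bot: The `default:` branches in getBindMount, getTmpfsMount, getDevptsMount and getNamedVolume (and getImageVolume in the hunk that follows) now pin the format to `"%s"`, but no formatting is wanted here, so the format-string API can be dropped altogether: `return newMount, errors.Wrap(util.ErrBadMntOption, kv[0])`, assuming `errors` is github.com/pkg/errors as the use of `Wrapf` suggests. That leaves no format argument for user input to land in. If the message text is allowed to change, `"%q"` rather than `"%s"` would also make empty or control-character option names visible in the error, since `kv[0]` comes straight from the `--mount` argument. Each of these functions starts and ends outside its hunk, so any other `Wrapf(..., kv[0])` calls in them cannot be checked from here.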
@@ -624,7 +624,7 @@ func getImageVolume(args []string) (*specgen.ImageVolume, error) {
 // Since Docker ignores this option so shall we.
 continue
 default:
- return nil, errors.Wrapf(util.ErrBadMntOption, kv[0])
+ return nil, errors.Wrapf(util.ErrBadMntOption, "%s", kv[0])
 }
 }

From 4e9e6f21ff1f600191f661c9102149bb49067dff Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano
Date: Thu, 28 Oct 2021 10:15:21 +0200
Subject: [PATCH 2/2] volumes: allow more options for devpts

allow to pass down more options that are supported by the kernel. Discussion here: https://github.com/containers/toolbox/issues/568
Signed-off-by: Giuseppe Scrivano
---
 docs/source/markdown/podman-create.1.md | 10 ++++++++++
 docs/source/markdown/podman-run.1.md | 10 ++++++++++
 pkg/specgenutil/volumes.go | 2 ++
 test/e2e/run_test.go | 8 ++++++++
 4 files changed, 30 insertions(+)

diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index ea90428611..3ff736adb6 100644
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@@ -638,6 +638,16 @@ Current supported mount TYPEs are **bind**, **volume**, **image**, **tmpfs** and
 . U, chown: true or false (default). Change recursively the owner and group of the source volume based on the UID and GID of the container.
+ Options specific to devpts:
+
+ · uid: UID of the file owner (default 0).
+
+ · gid: GID of the file owner (default 0).
+
+ · mode: permission mask for the file (default 600).
+
+ · max: maximum number of PTYs (default 1048576).
+
 #### **--name**=*name*
 Assign a name to the container
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index b5f3130fec..a1170253f7 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -665,6 +665,16 @@ Current supported mount TYPEs are **bind**, **volume**, **image**, **tmpfs** and
 . U, chown: true or false (default). Change recursively the owner and group of the source volume based on the UID and GID of the container.
+ Options specific to devpts:
+
+ · uid: UID of the file owner (default 0).
+
+ · gid: GID of the file owner (default 0).
+
+ · mode: permission mask for the file (default 600).
+
+ · max: maximum number of PTYs (default 1048576).
+
 #### **--name**=*name*
 Assign a name to the container.
diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go
index 1f07534323..184bfadf84 100644
--- a/pkg/specgenutil/volumes.go
+++ b/pkg/specgenutil/volumes.go
@@ -483,6 +483,8 @@ func getDevptsMount(args []string) (spec.Mount, error) {
 for _, val := range args {
 kv := strings.SplitN(val, "=", 2)
 switch kv[0] {
+ case "uid", "gid", "mode", "ptxmode", "newinstance", "max":
+ newMount.Options = append(newMount.Options, val)
 case "target", "dst", "destination":
 if len(kv) == 1 {
 return newMount, errors.Wrapf(optionArgError, kv[0])
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 2e0f626d0f..95660bfc95 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -1198,6 +1198,14 @@ USER mail`, BB)
 Expect(session.OutputToString()).To(ContainSubstring("devpts"))
 })
+ It("podman run --mount type=devpts,target=/dev/pts with uid, gid and mode", func() {
+ // runc doesn't seem to honor uid= so avoid testing it
+ session := podmanTest.Podman([]string{"run", "-t", "--mount", "type=devpts,target=/dev/pts,uid=1000,gid=1001,mode=123", fedoraMinimal, "stat", "-c%g-%a", "/dev/pts/0"})
+ session.WaitWithDefaultTimeout()
+ Expect(session).Should(Exit(0))
+ Expect(session.OutputToString()).To(ContainSubstring("1001-123"))
+ })
+
 It("podman run --pod automatically", func() {
 session := podmanTest.Podman([]string{"run", "-d", "--pod", "new:foobar", ALPINE, "nc", "-l", "-p", "8686"})
 session.WaitWithDefaultTimeout()
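Review bot: The key `"ptxmode"` in the new `case` of getDevptsMount looks like a misspelling of the kernel's devpts option `ptmxmode`; as written, `ptmxmode=...` still falls through to the bad-option error while `ptxmode=...` is forwarded and presumably fails only at mount time. I would change the line to `case "uid", "gid", "mode", "ptmxmode", "newinstance", "max":`. The branch also appends `val` verbatim, so a bare `uid` or a non-numeric `mode=` is not rejected here the way the `len(kv) == 1` check rejects a missing destination. A short check that value-taking keys carry a value, and that `newinstance` carries none, would surface the error from podman rather than from the runtime. The documentation hunks list only uid, gid, mode and max, so two accepted keys are undocumented; the function body begins and ends outside this hunk.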
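Review bot: The new spec asserts with `ContainSubstring("1001-123")`, which would also accept output such as `11001-1234`. Since `stat -c%g-%a` prints a single value, an exact match like `Expect(session.OutputToString()).To(Equal("1001-123"))` would be tighter, provided OutputToString returns the trimmed line under `-t`. Only `gid` and `mode` are verified: `max`, `newinstance` and the `ptxmode` key accepted by the same patch are never exercised, and there is no negative case showing that a malformed value or an unknown devpts option is rejected with a readable error.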